Vault

Vault, Big Data technology for your logs

redborder Vault will collect, enrich, correlate and store logs securely and in a highly scalable way. It is valuable both on its own and together with the other Apps.

This is a new era in log management. Use storage to benefit from the knowledge that you were just throwing away. This paradigm shift is made possible by using inexpensive scale-out storage.

redborder Vault will collect, enrich, correlate, and store logs in a highly scalable, secure, and intelligent way such that the data is valuable both on its own and in cooperation with the other Apps. Vault is our syslog server.

Metadata extraction

Log processing is a complex semantic task. While the syslog standard is defined, the contents of each log message are very vendor-specific. redborder Vault will extract as much metadata as is present in the log to normalize it for uniform understanding and processing.

Enrichment

Logs will be much more valuable and understandable when enriched with intelligence feeds. This is a key element in the redborder platform, as we always enrich the data. Vault will use our reputation feeds as well as other information gathered in the system to enrich the logs.

Correlation

Extend the decision-making capabilities of redborder by applying your business logic to a sequence of events to trigger new events or alarms. Search for specific event conditions, sequences of events in a time window, computed limits, etc., to mimic your logic.

Storage

redborder combines metadata storage in Druid's OLAP for screaming fast interactive analysis with Hadoop raw storage for unaltered and secured evidence analysis. All logs are timestamped and hashed for evidence in case it is needed.